CVE-2025-30033

CWE-4273 documents3 sources

Severity

8.5HIGH

EPSS

0.0%

top 99.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

139

Siemens Automation License Manager V6.0 Siemens Automation License Manager V6.2 Siemens Cemat V10.0 +136 more

Timeline

PublishedAug 12

Description

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages139 packages

▶CVEListV5siemens/wincc_panel_image_setup< V17 Update 9

▶CVEListV5siemens/sitrans< *

▶CVEListV5siemens/sinec_nms< V4.0

▶CVEListV5siemens/cemat_v10.0< *

▶CVEListV5siemens/openpcs_7_v9.1< *

🔴Vulnerability Details

GHSA

GHSA-wc4j-qqmp-4vc4: The affected setup component is vulnerable to DLL hijacking↗2025-08-12

▶

CVEList

CVE-2025-30033: The affected setup component is vulnerable to DLL hijacking↗2025-08-12

▶